kGraft

From Wikipedia, the free encyclopedia
Jump to: navigation, search

kGraft is a feature of the Linux kernel that implements live patching of a running kernel, which allows kernel patches to be applied while the kernel is still running. By avoiding the need for rebooting the system with a new kernel that contains the desired patches, kGraft aims to maximize the system uptime and availability. At the same time, kGraft allows kernel-related security updates to be applied without deferring them to scheduled downtimes.[1][2] Internally, kGraft allows entire functions in a running kernel to be replaced with their patched versions, doing that safely by selectively using original versions of functions to ensure per-process consistency while the live patching is performed.[3]

kGraft is developed by SUSE, and the source code is licensed under versions two and three of the GNU General Public License (GPL).[2][4] As of April 2014, kpatch is submitted for inclusion into the Linux kernel mainline.[3]

Internals[edit]

Internally, kGraft consists of two parts – the core kernel module executes the live patching mechanism by altering kernel's inner workings, while userspace utilities prepare individual hot patch kernel modules from source diffs. Live kernel patching is performed at the function level, meaning that kGraft can replace entire functions in the running kernel with their patched versions, while relying on the mechanisms and infrastructure established by ftrace to "route around" old versions of functions. No changes to the kernel's internal data structures are possible; however, security patches, which are one of the natural candidates to be used with kGraft, rarely contain changes to the kernel's data structures.[2][3][5]

While applying hot patches, kGraft does not require a running kernel to be stopped for patched versions of functions to be introduced into it. Instead of replacing functions atomically, kGraft provides consistent "world views" (or "universes") to userspace processes, kernel threads and interrupt handlers, which are monitored during their execution so the original versions of patched kernel functions can continue to be used. To accomplish that, kGraft maintains original versions of patched functions in a read-copy-update (RCU) fashion, and dynamically selects between the original and patched versions depending on which process, kernel thread or interrupt handler executes them. More specifically, original versions of functions continue to be used—​at the time when a hot patch is applied—​for processes currently executing within the kernel space, for kernel threads until they reach their completion poins, and for currently executing interrupt handlers.[2][3][6][7]

Due to its design, kGraft does not introduce additional latency while applying hot patches. As the downside, original versions of patched kernel functions may be required to be maintained for extended periods of time in case there are processes that remain for too long within the kernel space; for example, a process may wait for I/O on a network socket. Also, as both original and patched versions of functions are allowed to be executed in parallel, troubles may arise if they use kernel's internal data structures in different ways.[3][7]

"World views" or "universes", maintained by kGraft in a RCU fashion[2]:14–15,17
Without additional logic in place, not replacing patched functions atomically could lead to inconsistencies.
Each process is monitored so it executes a patched function consistently within a single system call.
After everything migrates to a new "universe", trampoline-style checks are no longer needed.

History[edit]

kGraft was announced in February 2014 and publicly released under the GNU General Public License version 2 (GPLv2, for the kernel part) and version 3 (GPLv3, for the userspace part) in March 2014,[1][4] shortly after Red Hat released their own live kernel patching implementation called kpatch. kGraft aims to become merged into the Linux kernel mainline, and it was submitted for the inclusion in May 2014.[3][7]

kGraft was made available for SUSE Linux Enterprise Server 12 on November 18, 2014, as an additional feature called SUSE Linux Enterprise Live Patching.[8][9]

See also[edit]

  • kexec – a method for loading a whole new Linux kernel from a running system
  • Ksplice – another Linux kernel live patching technology developed by Ksplice, Inc. (later acquired by Oracle)

References[edit]

  1. ^ a b "SUSE Releases kGraft for Live Patching of Linux Kernel". SUSE. March 27, 2014. Retrieved November 7, 2014. 
  2. ^ a b c d e Vojtech Pavlík (March 28, 2014). "kGraft: Live patching of the Linux kernel" (PDF). linuxfoundation.org. Retrieved November 7, 2014. 
  3. ^ a b c d e f Jonathan Corbet (April 30, 2014). "The initial kGraft submission". LWN.net. Retrieved November 7, 2014. 
  4. ^ a b Chris Duckett (February 4, 2014). "Suse's kGraft looks to put live kernel patching back into Linux". ZDNet. Retrieved November 7, 2014. 
  5. ^ Vojtech Pavlík (January 31, 2014). "kGraft: Live Kernel Patching". suse.com. Retrieved November 7, 2014. 
  6. ^ Libby Clark (March 4, 2014). "SUSE Labs Director Talks Live Kernel Patching with kGraft". linux.com. Retrieved November 7, 2014. 
  7. ^ a b c Michael Larabel (May 1, 2014). "SUSE Posts kGraft, Red Hat Posts Kpatch Patches". Phoronix. Retrieved November 7, 2014. 
  8. ^ "SUSE Linux Enterprise Live Patching Now Available". SUSE. November 18, 2014. Retrieved November 23, 2014. 
  9. ^ Sean Michael Kerner (November 18, 2014). "SUSE Brings Live Patching and Ceph Storage to Its Enterprise Linux". serverwatch.com. Retrieved November 23, 2014. 

External links[edit]